USN-5567-1

Details

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2588)

It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2586)

It was discovered that the implementation of POSIX timers in the Linux kernel did not properly clean up timers in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2585)

Affected Packages

Ubuntu:20.04:LTSlinux-oem-5.14

Fixed in:

5.14.0-1048.55

Ubuntu:22.04:LTSlinux-oem-5.17

Fixed in:

5.17.0-1015.16

References

REPORThttps://ubuntu.com/security/CVE-2022-2585 REPORThttps://ubuntu.com/security/CVE-2022-2586 REPORThttps://ubuntu.com/security/CVE-2022-2588 ADVISORYhttps://ubuntu.com/security/notices/USN-5567-1

USN-5567-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline